MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add profile settings page, mentor management, and S3 email logos

Browse Source 
- Add universal /settings/profile page accessible to all roles with
  avatar upload, bio, phone, password change, and account deletion
- Expand updateProfile endpoint to accept bio (metadataJson), phone,
  and notification preference
- Add deleteAccount endpoint with password confirmation
- Add Profile Settings link to all nav components (admin, jury, mentor,
  observer)
- Add /admin/mentors list page and /admin/mentors/[id] detail page for
  mentor management
- Add Mentors nav item to admin sidebar
- Update email logo URLs to S3 (s3.monaco-opc.com/public/)
- Add ocean.png background image to email wrapper

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-01-30 19:57:12 +01:00
parent 0c0a9b7eb5
commit 402bdfd8c5
10 changed files with 1248 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
src/server/routers/user.ts
View File

@@ -1,5 +1,6 @@
import { z } from 'zod'
import { TRPCError } from '@trpc/server'
import type { Prisma } from '@prisma/client'
import { router, protectedProcedure, adminProcedure, superAdminProcedure, publicProcedure } from '../trpc'
import { sendInvitationEmail, sendMagicLinkEmail } from '@/lib/email'
import { hashPassword, validatePassword } from '@/lib/password'
@@ -18,6 +19,10 @@ export const userRouter = router({
role: true,
status: true,
expertiseTags: true,
metadataJson: true,
phoneNumber: true,
notificationPreference: true,
profileImageKey: true,
createdAt: true,
lastLoginAt: true,
},
@@ -31,15 +36,96 @@ export const userRouter = router({
.input(
z.object({
name: z.string().min(1).max(255).optional(),
bio: z.string().max(1000).optional(),
phoneNumber: z.string().max(20).optional().nullable(),
notificationPreference: z.enum(['EMAIL', 'WHATSAPP', 'BOTH', 'NONE']).optional(),
})
)
.mutation(async ({ ctx, input }) => {
const { bio, ...directFields } = input
// If bio is provided, merge it into metadataJson
let metadataJson: Prisma.InputJsonValue | undefined
if (bio !== undefined) {
const currentUser = await ctx.prisma.user.findUniqueOrThrow({
where: { id: ctx.user.id },
select: { metadataJson: true },
})
const currentMeta = (currentUser.metadataJson as Record<string, string>) || {}
metadataJson = { ...currentMeta, bio } as Prisma.InputJsonValue
}
return ctx.prisma.user.update({
where: { id: ctx.user.id },
data: input,
data: {
...directFields,
...(metadataJson !== undefined && { metadataJson }),
},
})
}),
/**
* Delete own account (requires password confirmation)
*/
deleteAccount: protectedProcedure
.input(
z.object({
password: z.string().min(1),
})
)
.mutation(async ({ ctx, input }) => {
// Get current user with password hash
const user = await ctx.prisma.user.findUniqueOrThrow({
where: { id: ctx.user.id },
select: { id: true, email: true, passwordHash: true, role: true },
})
// Prevent super admins from self-deleting
if (user.role === 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Super admins cannot delete their own account',
})
}
if (!user.passwordHash) {
throw new TRPCError({
code: 'BAD_REQUEST',
message: 'No password set. Please set a password first.',
})
}
// Verify password
const { verifyPassword } = await import('@/lib/password')
const isValid = await verifyPassword(input.password, user.passwordHash)
if (!isValid) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'Password is incorrect',
})
}
// Audit log before deletion
await ctx.prisma.auditLog.create({
data: {
userId: ctx.user.id,
action: 'DELETE_OWN_ACCOUNT',
entityType: 'User',
entityId: ctx.user.id,
detailsJson: { email: user.email },
ipAddress: ctx.ip,
userAgent: ctx.userAgent,
},
})
// Delete the user
await ctx.prisma.user.delete({
where: { id: ctx.user.id },
})
return { success: true }
}),
/**
* List all users (admin only)
*/